Author: Chris Edwards Date: To: Konrad Michels CC: exim-users Subject: Re: [Exim] Spam blacklist
Konrad Michels wrote:
| I've now implimented 127.0.0.2 blocking on my mail server using
| dsbl.org, abuseat.org, spamhaus.org and spamcop.net. In addition I'm
| also using an old spews list which I downloaded before it went tits-up
| which I've run through sort and uniq and then converted to dbm format
| and am doing dbm lookups against it. | | I've also started an "internal" list, which at the moment is just a flat
| text file against which exim is doing linear searches, where I'm
| entering IP addresses or IP subnets of spam that is still slipping
| through this net. | | Oh, I'm also running spamassassin! | | ANd its amazing what is still slipping through! By far 95% of spam that
| is still getting through is coming from cable/dsl/dialup related blocks
| of IP addresses. | | So what I was wondering was whether anyone know of any more
| comprehensive list of dynamic IP address ranges: I'd like to impliment a
| simple rule which just blocks all connections from dynamic IP address
| subnets?
Are you using SORBS ? Replying to a prev. message suggesting sorbs
implies you've considered it, but you don't mention it above.
The SORBS DUL component is probably the best dynamic list at present.
dul.dnsbl.sorbs.net
or you may be able to save on lookups:
dnsbl.sorbs.net=127.0.0.10
or might as well take their open proxy etc components etc, and just
ignore the risky "spam sources" component:
dnsbl.sorbs.net!=127.0.0.6
Either award points, or if brave, block them outright!